Regarding personal data, Qonto is rigorously compliant with the European Union requirements and the recommendations from the CNIL for businesses.
We do not store your account password or your card number.
☝️FYI: We will never ask for your password, neither the validation code sent by SMS.
We use the highest security standards to protect your data:
- An ACM certificate and the TLS protocol to encrypt communications to our servers.
- A session cryptographically validated by a ES256 JWT to ensure accounts can only be accessed by their rightful owner.
- Public key pinning on mobile apps to prevent some hacking attacks.